Overview
JSCAPE MFT Server provides fine-grained password compliance settings that enforce strong passwords, whether to meet a government-mandated standard such as the Sarbanes–Oxley Act or a company-wide policy that requires users to choose strong passwords.
Administrators can enforce a minimum password length, password expiration, a ban on reusing previous passwords, and a requirement that passwords contain a combination of uppercase, lowercase, numeric and special characters.
Enabling and Configuring Password Compliance
Open JSCAPE MFT Server Manager and click on “Compliance” under the domain you want to manage.
Minimum password length of - Requires that passwords be no shorter than the defined minimum number of characters.
Maximum password age of - Requires that user passwords expire and be changed when the defined maximum number of days is reached. This option can be disabled at the user level where needed by using the "Ignore password aging rules" option.
Email password change reminder - Emails a password change reminder to the user when his/her password is about to expire. The reminder is to be sent on the defined number of days before the password is set to expire. To receive the reminder the user must have an email address defined. Also, before JSCAPE MFT Server can send emails an SMTP server must be defined. The SMTP server is defined under “File > Settings > Email” in JSCAPE MFT Server Manager.
Password must not match previous - Requires that new passwords not match any of the previously used passwords. The number parameter defines how many of the most recent passwords, counting the current one, cannot be reused. 1 means the current password cannot be reused, but the password before it, if any, would be eligible for reuse. 2 means neither the current password nor the one before it can be reused. 100 is the maximum.
Deny login for password non-compliance - If enabled, the user's password is verified at login to check that it meets the compliance requirements. If it matches the user's password but does not meet the compliance requirements, the user is denied login.
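The rules above can be modeled in a few functions to make their semantics concrete, in particular how the history depth counts the current password. This is an added example, not JSCAPE code: the function names, the sample policy values, the salted PBKDF2 storage of password history and the assumption that all four character classes are required are illustrative.

```python
import hashlib, hmac, os, string
from datetime import datetime, timedelta

# Assumed sample values for the options above; not JSCAPE defaults.
POLICY = {"min_length": 12, "max_age_days": 90, "reminder_days": 7, "history_depth": 2}

def hash_password(password, salt=None):
    """Salted PBKDF2, so the history never holds cleartext passwords."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def matches(password, entry):
    salt, digest = entry
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

def compliance_errors(password, policy=POLICY):
    """Length and character-class checks (assumes all four classes are required)."""
    errors = [] if len(password) >= policy["min_length"] else ["too short"]
    classes = {"uppercase": string.ascii_uppercase, "lowercase": string.ascii_lowercase,
               "numeric": string.digits, "special": string.punctuation}
    errors += [f"missing {name}" for name, chars in classes.items()
               if not any(c in chars for c in password)]
    return errors

def reuses_previous(password, history, policy=POLICY):
    """history is newest-first and history[0] is the current password.
    Depth 1 blocks only the current password; 2 also blocks the one before it."""
    depth = min(policy["history_depth"], 100)  # 100 is the documented maximum
    return any(matches(password, entry) for entry in history[:depth])

def age_status(last_changed, now, policy=POLICY, ignore_aging=False):
    """Return 'ok', 'remind' (inside the reminder window) or 'expired'."""
    if ignore_aging:  # per-user "Ignore password aging rules"
        return "ok"
    expires = last_changed + timedelta(days=policy["max_age_days"])
    if now >= expires:
        return "expired"
    return "remind" if now >= expires - timedelta(days=policy["reminder_days"]) else "ok"

def login_allowed(password, current_entry, deny_noncompliant=True, policy=POLICY):
    """A correct password is still refused when it fails the compliance checks."""
    if not matches(password, current_entry):
        return False
    return not (deny_noncompliant and compliance_errors(password, policy))
```

Each history entry carries its own salt, so a candidate password has to be re-hashed once per stored entry; a deeper history therefore makes each password change proportionally more expensive to check.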
Summary
It has been said that the weakest security link in any system is the people using it. If you allow them, some people will choose the shortest, weakest and easiest-to-guess passwords. Passwords like “god”, “sex”, “xxx”, “12345” and “qwerty” are common and are the type of passwords that bring nightmares to administrators across the world.
The JSCAPE MFT Server can be configured to force users to choose strong passwords and not just rely on their willingness to do so. Passwords are an integral part in securing a system and sometimes users just need a little "coercion" to help them choose a better password.